Authoritarian states are increasingly leveraging non-state cyber capabilities to expand their operational reach, thereby challenging conventional distinctions between state and non-state activity. This practice complicates attribution and presents obstacles for coordinated international responses. Moreover, as cyber threats become more complex and entangled, effective countermeasures necessitate enhanced information sharing, trusted partnerships and the development of response tools that function independently of political attribution.
Historically, Western assessments of cyber threats have concentrated on state adversaries. More than 600 state-backed groups are tracked globally. Yet, for more than a decade, Western analyses and discussions of cyber threat concerns have focused mainly on four states: China, Iran, Russia and North Korea. Based on open-source reporting evaluated by the European Repository of Cyber Incidents (EuRepoC), these countries account for more than 70 per cent of the state-backed threats that Europe and its partners have faced since 2000.
The focus on a subset of states is due to high activity levels and national security implications related to intellectual property protection, state secrets and the resilience of critical services. However, state-nexus operations account for just 29 per cent of the operations recorded by EuRepoC. That figure highlights concerns about a “fetishisation” of state-sponsored groups (advanced persistent threats or APTs), whereby the practice among criminal groups and hacktivists of pursuing similar targets for the purpose of extortion or disruption is overlooked.
No comments:
Post a Comment